[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dde3a358 by Moritz Muehlenhoff at 2026-05-11T21:18:17+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2026-8318 (A security flaw has been discovered in VectifyAI PageIndex up to f50e5 ...)
-	TODO: check
+	NOT-FOR-US: VectifyAI PageIndex
 CVE-2026-8305 (A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted ...)
 	NOT-FOR-US: OpenClaw
 CVE-2026-8292 (A security vulnerability has been detected in Open5GS up to 2.7.7. The ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2026-8291 (A weakness has been identified in Open5GS up to 2.7.7. Impacted is the ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2026-8290 (A security flaw has been discovered in Open5GS up to 2.7.7. This issue ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2026-8289 (A vulnerability was identified in Open5GS up to 2.7.7. This vulnerabil ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2026-8288 (A vulnerability was determined in Open5GS up to 2.7.7. This affects th ...)
-	TODO: check
+	- open5gs <itp> (bug #1094791)
 CVE-2026-7820 (Improper restriction of excessive authentication attempts (CWE-307) in ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7819 (Symbolic-link path traversal (CWE-61, CWE-22) in pgAdmin 4 File Manage ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7818 (Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSes ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7817 (Local file inclusion (LFI) and server-side request forgery (SSRF) vuln ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7816 (OS command injection (CWE-78) vulnerability in pgAdmin 4 Import/Export ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7815 (SQL injection vulnerability in pgAdmin 4 Maintenance Tool.  Four user- ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7814 (Stored cross-site scripting (XSS) vulnerability in pgAdmin 4 Browser T ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7813 (Authorization vulnerability in pgAdmin 4 server mode affecting Server  ...)
-	TODO: check
+	- pgadmin4 <itp> (bug #834129)
 CVE-2026-7790 (Uncontrolled Resource Consumption vulnerability in ninenines cowlib (c ...)
 	TODO: check
 CVE-2026-7308 (An authenticated user with upload permission to a hosted repository ca ...)
@@ -35,17 +35,17 @@ CVE-2026-7308 (An authenticated user with upload permission to a hosted reposito
 CVE-2026-7210 (`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entro ...)
 	TODO: check
 CVE-2026-6956 (ATutor is vulnerable to Reflected XSS in/install/install.php endpoint. ...)
-	TODO: check
+	NOT-FOR-US: ATutor
 CVE-2026-6909 (ATutor is vulnerable to Reflected XSS in/install/upgrade.php endpoint. ...)
-	TODO: check
+	NOT-FOR-US: ATutor
 CVE-2026-6815 (An arbitrary file write vulnerability exists in Casdoor's Local File S ...)
 	TODO: check
 CVE-2026-6093 (Corteza contains a SQL injection vulnerability in its Microsoft SQL Se ...)
-	TODO: check
+	NOT-FOR-US: Corteza
 CVE-2026-4802 (A flaw was found in Cockpit. This vulnerability allows a remote attack ...)
-	TODO: check
+	NOT-FOR-US: Crabbox
 CVE-2026-45224 (Crabbox before 0.9.0 contains a path traversal vulnerability in the Is ...)
-	TODO: check
+	NOT-FOR-US: Crabbox
 CVE-2026-45223 (Crabbox before 0.9.0 contains an authentication bypass vulnerability i ...)
 	TODO: check
 CVE-2026-45222 (Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dde3a3588410094e8e23d817af8679406fd37039

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dde3a3588410094e8e23d817af8679406fd37039
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260511/db7b5452/attachment-0001.htm>